Yubico / yubikey-personalization

YubiKey Personalization cross-platform library and tool
https://developers.yubico.com/yubikey-personalization/
BSD 2-Clause "Simplified" License
300 stars 82 forks

Cheap Salt? #40

Closed StormTide closed 10 years ago

StormTide commented 10 years ago

https://github.com/Yubico/yubikey-personalization/blob/6f669f5a1a1b4b02a10c82bdb96e8c077e01481b/ykpers.c#L352

Salting from time seems like a questionable activity. Is there any known scenario where this is called into?

klali commented 10 years ago

This code is called into when the CLI is running on Windows and no aeskey is supplied.

That whole code-path is weird and of questionable usefulness; I'm about to push a line of commits that throws an error in that function instead and stops using it from the CLI. Thanks for bringing our attention to it!

/klas
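An added example, not code from yubikey-personalization or from either commenter: it contrasts a clock-derived salt with a fail-closed salt routine that returns an error instead of falling back to the time, which is the behaviour change described in the reply above. The function names, `SALT_LEN`, and the use of `/dev/urandom` as the random source are assumptions for illustration; the actual `ykpers.c` code is not reproduced on this page.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

#define SALT_LEN 8 /* constructed length for this example */

/* Pattern questioned in the issue: salt derived only from the clock.
 * Equal timestamps give equal salts, so the salt adds no uniqueness. */
static void salt_from_time(time_t now, uint8_t out[SALT_LEN])
{
    uint64_t t = (uint64_t)now;
    for (size_t i = 0; i < SALT_LEN; i++)
        out[i] = (uint8_t)(t >> (8 * i));
}

/* Distinct clock-derived salts possible within a creation-time window. */
static uint64_t time_salt_candidates(time_t earliest, time_t latest)
{
    return (uint64_t)(latest - earliest) + 1;
}

/* Fail-closed alternative: take the salt from an OS random source and
 * return -1 (no clock fallback) if it is missing or returns too little. */
static int salt_from_random(const char *source, uint8_t out[SALT_LEN])
{
    FILE *f = fopen(source, "rb");
    if (f == NULL)
        return -1;
    size_t got = fread(out, 1, SALT_LEN, f);
    fclose(f);
    return got == SALT_LEN ? 0 : -1;
}

int main(void)
{
    uint8_t a[SALT_LEN], b[SALT_LEN];
    time_t now = time(NULL);
    salt_from_time(now, a);
    salt_from_time(now, b);
    printf("clock salts equal: %s\n", memcmp(a, b, SALT_LEN) == 0 ? "yes" : "no");
    printf("one-day window: %llu candidates\n",
           (unsigned long long)time_salt_candidates(now - 86399, now));
    if (salt_from_random("/dev/urandom", a) != 0) {
        fprintf(stderr, "no random source; refusing to derive a key\n");
        return 1;
    }
    return 0;
}
```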